src - OpenBSD base system

diff options


context:
space:
mode:

author	Ted Unangst <tedu@cvs.openbsd.org>	2014-04-17 21:37:38 +0000
committer	Ted Unangst <tedu@cvs.openbsd.org>	2014-04-17 21:37:38 +0000
commit	1452f8bb6aadca74b2a23c2cba09a2bf0de48546 (patch)
tree	4f08bcd257bf790cc2b9967a3d1fd9a0a1f2b444 /lib/libssl/t1_lib.c
parent	1d52fd31b115b1f96773297f0d189ae8cefecb49 (diff)

always build in RSA and DSA. ok deraadt miod

Diffstat (limited to 'lib/libssl/t1_lib.c')

-rw-r--r--

lib/libssl/t1_lib.c

1 files changed, 0 insertions, 20 deletions

diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c
index 304140d7f6d..6ee2289153f 100644
--- a/lib/libssl/t1_lib.c
+++ b/lib/libssl/t1_lib.c

@@ -310,17 +310,9 @@ tls1_ec_nid2curve_id(int nid)

* customisable at some point, for now include everything we support.

-#ifdef OPENSSL_NO_RSA

-#define tlsext_sigalg_rsa(md) /* */

-#else

#define tlsext_sigalg_rsa(md) md, TLSEXT_signature_rsa,

-#endif

-#ifdef OPENSSL_NO_DSA

-#define tlsext_sigalg_dsa(md) /* */

-#else

#define tlsext_sigalg_dsa(md) md, TLSEXT_signature_dsa,

-#endif

#ifdef OPENSSL_NO_ECDSA

#define tlsext_sigalg_ecdsa(md) /* */

@@ -2202,12 +2194,8 @@ static tls12_lookup tls12_md[] = {

};

static tls12_lookup tls12_sig[] = {

-#ifndef OPENSSL_NO_RSA

{EVP_PKEY_RSA, TLSEXT_signature_rsa},

-#endif

-#ifndef OPENSSL_NO_DSA

{EVP_PKEY_DSA, TLSEXT_signature_dsa},

-#endif

#ifndef OPENSSL_NO_ECDSA

{EVP_PKEY_EC, TLSEXT_signature_ecdsa}

#endif

@@ -2307,16 +2295,12 @@ tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize)

unsigned char hash_alg = data[i], sig_alg = data[i + 1];

switch (sig_alg) {

-#ifndef OPENSSL_NO_RSA

case TLSEXT_signature_rsa:

idx = SSL_PKEY_RSA_SIGN;

break;

-#endif

-#ifndef OPENSSL_NO_DSA

case TLSEXT_signature_dsa:

idx = SSL_PKEY_DSA_SIGN;

break;

-#endif

#ifndef OPENSSL_NO_ECDSA

case TLSEXT_signature_ecdsa:

idx = SSL_PKEY_ECC;

@@ -2341,16 +2325,12 @@ tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize)

/* Set any remaining keys to default values. NOTE: if alg is not

* supported it stays as NULL.

-#ifndef OPENSSL_NO_DSA

if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest)

c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();

-#endif

-#ifndef OPENSSL_NO_RSA

if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest) {

c->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();

c->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();

}

-#endif

#ifndef OPENSSL_NO_ECDSA

if (!c->pkeys[SSL_PKEY_ECC].digest)

c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();